CVE-2017-5753

Published Jan 4, 2018

Last updated 10 days ago

CVSS medium 5.6
Spectre

Overview

Description
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Source
secure@intel.com
NVD status
Modified
Products
atom_c, atom_e, atom_x3, atom_x5-e3930, atom_x5-e3940, atom_x7-e3950, atom_z, celeron_j, celeron_n, core_i3, core_i5, core_i7, core_m, core_m3, core_m5, core_m7, pentium_j, pentium_n, xeon, xeon_bronze_3104, xeon_bronze_3106, xeon_e-1105c, xeon_e3, xeon_e3_1105c_v2, xeon_e3_1125c, xeon_e3_1125c_v2, xeon_e3_1220, xeon_e3_1220_v2, xeon_e3_1220_v3, xeon_e3_1220_v5, xeon_e3_1220_v6, xeon_e3_12201, xeon_e3_12201_v2, xeon_e3_1220l_v3, xeon_e3_1225, xeon_e3_1225_v2, xeon_e3_1225_v3, xeon_e3_1225_v5, xeon_e3_1225_v6, xeon_e3_1226_v3, xeon_e3_1230, xeon_e3_1230_v2, xeon_e3_1230_v3, xeon_e3_1230_v5, xeon_e3_1230_v6, xeon_e3_1230l_v3, xeon_e3_1231_v3, xeon_e3_1235, xeon_e3_1235l_v5, xeon_e3_1240, xeon_e3_1240_v2, xeon_e3_1240_v3, xeon_e3_1240_v5, xeon_e3_1240_v6, xeon_e3_1240l_v3, xeon_e3_1240l_v5, xeon_e3_1241_v3, xeon_e3_1245, xeon_e3_1245_v2, xeon_e3_1245_v3, xeon_e3_1245_v5, xeon_e3_1245_v6, xeon_e3_1246_v3, xeon_e3_1258l_v4, xeon_e3_1260l, xeon_e3_1260l_v5, xeon_e3_1265l_v2, xeon_e3_1265l_v3, xeon_e3_1265l_v4, xeon_e3_1268l_v3, xeon_e3_1268l_v5, xeon_e3_1270, xeon_e3_1270_v2, xeon_e3_1270_v3, xeon_e3_1270_v5, xeon_e3_1270_v6, xeon_e3_1271_v3, xeon_e3_1275, xeon_e3_1275_v2, xeon_e3_1275_v3, xeon_e3_1275_v5, xeon_e3_1275_v6, xeon_e3_1275l_v3, xeon_e3_1276_v3, xeon_e3_1278l_v4, xeon_e3_1280, xeon_e3_1280_v2, xeon_e3_1280_v3, xeon_e3_1280_v5, xeon_e3_1280_v6, xeon_e3_1281_v3, xeon_e3_1285_v3, xeon_e3_1285_v4, xeon_e3_1285_v6, xeon_e3_1285l_v3, xeon_e3_1285l_v4, xeon_e3_1286_v3, xeon_e3_1286l_v3, xeon_e3_1290, xeon_e3_1290_v2, xeon_e3_1501l_v6, xeon_e3_1501m_v6, xeon_e3_1505l_v5, xeon_e3_1505l_v6, xeon_e3_1505m_v5, xeon_e5, xeon_e5_1428l, xeon_e5_1428l_v2, xeon_e5_1428l_v3, xeon_e5_1620, xeon_e5_1620_v2, xeon_e5_1620_v3, xeon_e5_1620_v4, xeon_e5_1630_v3, xeon_e5_1630_v4, xeon_e5_1650, xeon_e5_1650_v2, xeon_e5_1650_v3, xeon_e5_1650_v4, xeon_e5_1660, xeon_e5_1660_v2, xeon_e5_1660_v3, xeon_e5_1660_v4, xeon_e5_1680_v3, xeon_e5_1680_v4, xeon_e5_2403, xeon_e5_2403_v2, xeon_e5_2407, xeon_e5_2407_v2, xeon_e5_2408l_v3, xeon_e5_2418l, xeon_e5_2418l_v2, xeon_e5_2418l_v3, xeon_e5_2420, xeon_e5_2420_v2, xeon_e5_2428l, xeon_e5_2428l_v2, xeon_e5_2428l_v3, xeon_e5_2430, xeon_e5_2430_v2, xeon_e5_2430l, xeon_e5_2430l_v2, xeon_e5_2438l_v3, xeon_e5_2440, xeon_e5_2440_v2, xeon_e5_2448l, xeon_e5_2448l_v2, xeon_e5_2450, xeon_e5_2450_v2, xeon_e5_2450l, xeon_e5_2450l_v2, xeon_e5_2470, xeon_e5_2470_v2, xeon_e5_2603, xeon_e5_2603_v2, xeon_e5_2603_v3, xeon_e5_2603_v4, xeon_e5_2608l_v3, xeon_e5_2608l_v4, xeon_e5_2609, xeon_e5_2609_v2, xeon_e5_2609_v3, xeon_e5_2609_v4, xeon_e5_2618l_v2, xeon_e5_2618l_v3, xeon_e5_2618l_v4, xeon_e5_2620, xeon_e5_2620_v2, xeon_e5_2620_v3, xeon_e5_2620_v4, xeon_e5_2623_v3, xeon_e5_2623_v4, xeon_e5_2628l_v2, xeon_e5_2628l_v3, xeon_e5_2628l_v4, xeon_e5_2630, xeon_e5_2630_v2, xeon_e5_2630_v3, xeon_e5_2630_v4, xeon_e5_2630l, xeon_e5_2630l_v2, xeon_e5_2630l_v3, xeon_e5_2630l_v4, xeon_e5_2637, xeon_e5_2637_v2, xeon_e5_2637_v3, xeon_e5_2637_v4, xeon_e5_2640, xeon_e5_2640_v2, xeon_e5_2640_v3, xeon_e5_2640_v4, xeon_e5_2643, xeon_e5_2643_v2, xeon_e5_2643_v3, xeon_e5_2643_v4, xeon_e5_2648l, xeon_e5_2648l_v2, xeon_e5_2648l_v3, xeon_e5_2648l_v4, xeon_e5_2650, xeon_e5_2650_v2, xeon_e5_2650_v3, xeon_e5_2650_v4, xeon_e5_2650l, xeon_e5_2650l_v2, xeon_e5_2650l_v3, xeon_e7, xeon_gold, xeon_phi, xeon_platinum, xeon_silver, ubuntu_linux, debian_linux, local_service_management_system, solaris, router_manager, skynas, virtual_machine_manager, diskstation_manager, vs960hd_firmware, vs360hd_firmware, leap, suse_linux_enterprise_desktop, suse_linux_enterprise_server, suse_linux_enterprise_software_development_kit, cortex-r7_firmware, cortex-r8_firmware, cortex-a8_firmware, cortex-a9_firmware, cortex-a12_firmware, cortex-a15_firmware, cortex-a17_firmware, cortex-a57_firmware, cortex-a72_firmware, cortex-a73_firmware, cortex-a75_firmware, cortex-a76_firmware, visunet_rm_shell, btc12_firmware, btc14_firmware, hci, solidfire, bl_ppc_1000_firmware, bl_ppc12_1000_firmware, bl_ppc15_1000_firmware, bl_ppc17_1000_firmware, bl_bpc_2000_firmware, bl_bpc_2001_firmware, bl_bpc_3000_firmware, bl_bpc_3001_firmware, bl_ppc15_3000_firmware, bl_ppc17_3000_firmware, bl_bpc_7000_firmware, bl_bpc_7001_firmware, bl_ppc_7000_firmware, bl_ppc15_7000_firmware, bl_ppc17_7000_firmware, bl_rackmount_2u_firmware, bl_rackmount_4u_firmware, bl2_bpc_1000_firmware, bl2_ppc_1000_firmware, bl2_bpc_2000_firmware, bl2_ppc_2000_firmware, bl2_bpc_7000_firmware, bl2_ppc_7000_firmware, dl_ppc15_1000_firmware, dl_ppc15m_7000_firmware, dl_ppc18.5m_7000_firmware, dl_ppc21.5m_7000_firmware, el_ppc_1000_firmware, el_ppc_1000\/wt_firmware, el_ppc_1000\/m_firmware, valueline_ipc_firmware, vl_bpc_1000_firmware, vl_bpc_2000_firmware, vl_ppc_2000_firmware, vl_bpc_3000_firmware, vl_ppc_3000_firmware, vl_ipc_p7000_firmware, vl2_bpc_1000_firmware, vl2_ppc_1000_firmware, vl2_bpc_2000_firmware, vl2_ppc_2000_firmware, vl2_bpc_3000_firmware, vl2_ppc_3000_firmware, vl2_bpc_7000_firmware, vl2_ppc_7000_firmware, vl2_bpc_9000_firmware, vl2_ppc_9000_firmware, vl2_ppc7_1000_firmware, vl2_ppc9_1000_firmware, vl2_ppc12_1000_firmware, simatic_itc1500_firmware, simatic_itc1500_pro_firmware, simatic_itc1900_firmware, simatic_itc1900_pro_firmware, simatic_itc2200_firmware, simatic_itc2200_pro_firmware, simatic_winac_rtx_\(f\)_2010_firmware, fusion, workstation, esxi, cortex-a77_firmware, cortex-a78_firmware, cortex-a78ae_firmware, neoverse_n1_firmware, neoverse_n2_firmware, cortex-x1_firmware

Risk scores

CVSS 3.1

Type
Primary
Base score
5.6
Impact score
4
Exploitability score
1.1
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Severity
MEDIUM

CVSS 2.0

Type
Primary
Base score
4.7
Impact score
6.9
Exploitability score
3.4
Vector string
AV:L/AC:M/Au:N/C:C/I:N/A:N

Weaknesses

nvd@nist.gov
CWE-203
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-203

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. Ubuntu Linux 6.8 contains SAUCE patches with a possible use of an uninitialized variable in AppArmor AF_INET/AF_INET6 socket mediation code. The bug can be triggered by an unprivileged local user and could result in incorrect fine-grained mediation of network sockets.CVE-2026-47336
  2. Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel panic.CVE-2026-47335
  3. Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.CVE-2026-47337
  4. Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name (DN).CVE-2025-13392
  5. VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed.CVE-2026-41702

References

Sources include official advisories and independent security research.